UBUNTU-CVE-2025-21974

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: return fail if interface is down in bnxtqueuememalloc The bnxtqueuememalloc is called to allocate new queue memory when a queue is restarted. It internally accesses rx buffer descriptor corresponding to the index. The ...

UBUNTU-CVE-2025-21969

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after-free Read in l2capsendcmd After the hci sync command releases l2capconn, the hci receive data work queue references the released l2capconn when sending to the upper layer. Add hci dev lock to...

UBUNTU-CVE-2025-21925

In the Linux kernel, the following vulnerability has been resolved: llc: do not use skbget before devqueuexmit syzbot is able to crash hosts 1, using llc and devices not supporting IFFTXSKBSHARING. In this case, e1000 driver calls ethskbpad, while the skb is shared. Simply replace skbget by...

UBUNTU-CVE-2025-21973

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix kernel panic in the bnxtgetqueuestatsrx | tx When qstats-get operation is executed, callbacks of netdevstatsops are called. The bnxtgetqueuestatsrx | tx collect per-queue stats from swstats in the rings. But rx | t...

UBUNTU-CVE-2025-21940

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL Pointer Dereference in KFD queue Through KFD IOCTL Fuzzing we encountered a NULL pointer derefrence when calling kfdqueueacquirebuffers. cherry picked from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d530...

CVE-2025-21974 eth: bnxt: return fail if interface is down in bnxt_queue_mem_alloc()

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: return fail if interface is down in bnxtqueuememalloc The bnxtqueuememalloc is called to allocate new queue memory when a queue is restarted. It internally accesses rx buffer descriptor corresponding to the index. The ...

CVE-2025-21973

CVE-2025-21973 affects the bnxt Ethernet driver (bnxt_get_queue_stats_rx/tx) in the Linux kernel. If an interface is down, qstats-get may access cp_ring/tx_ring without null checks, causing a NULL pointer dereference and kernel panic. Reproducer steps are provided in the description. The issue ha...

CVE-2025-21973 eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx}

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix kernel panic in the bnxtgetqueuestatsrx | tx When qstats-get operation is executed, callbacks of netdevstatsops are called. The bnxtgetqueuestatsrx | tx collect per-queue stats from swstats in the rings. But rx | t...

CVE-2025-21940 drm/amdkfd: Fix NULL Pointer Dereference in KFD queue

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL Pointer Dereference in KFD queue Through KFD IOCTL Fuzzing we encountered a NULL pointer derefrence when calling kfdqueueacquirebuffers. cherry picked from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d530...

CVE-2025-21940 drm/amdkfd: Fix NULL Pointer Dereference in KFD queue

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL Pointer Dereference in KFD queue Through KFD IOCTL Fuzzing we encountered a NULL pointer derefrence when calling kfdqueueacquirebuffers. cherry picked from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d530...

CVE-2025-21940 drm/amdkfd: Fix NULL Pointer Dereference in KFD queue

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix NULL Pointer Dereference in KFD queue Through KFD IOCTL Fuzzing we encountered a NULL pointer derefrence when calling kfdqueueacquirebuffers. cherry picked from commit 049e5bf3c8406f87c3d8e1958e0a16804fa1d530...

CVE-2025-21940

Technical details about CVE-2025-21940 are not publicly provided in the supplied documents. No affected products, versions, or fixes are explicitly described here. Monitor for vendor advisories and patch releases.

Incorrect Authorization

Overview org.apache.activemq:artemis-server is a server package for the ActiveMQ-Artemis project. Affected versions of this package are vulnerable to Incorrect Authorization in the createQueue method in ServerSessionImpl.java, which is invoked by the createDurableQueue and createNonDurableQueue...

CVE-2025-27427

A vulnerability exists in Apache ActiveMQ Artemis whereby a user with the createDurableQueue or createNonDurableQueue permission on an address can augment the routing-type supported by that address even if said user doesn't have the createAddress permission for that particular address. When...

PT-2025-14355 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.14.0-rc2+ Description: A vulnerability in the Linux kernel has been resolved, related to the bnxt queue mem alloc function. This function is called to allocate new queue memory when a queue is restarted. If th...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mm slab kvfreercu module not using the WQMEMRECLAIM work queue...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from the eth bnxt module allocating queue memory when the interface is closed...

Apache ActiveMQ Artemis 安全漏洞

Apache ActiveMQ Artemis is a high-performance open source messaging agent from the Apache Foundation USA. A security vulnerability exists in Apache ActiveMQ Artemis versions 2.0.0 through 2.39.0, which stems from the ability of a user with createDurableQueue or createNonDurableQueue permissions t...

PT-2025-14333 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A issue in the Linux kernel has been resolved, related to the HID corsair-void component. The corsair void process receiver function can be called from an interrupt context, and lockin...

Vulnerability of the xenvif_disconnect_queue() function in the drivers/net/xen-netback/interface.c module – the Linux kernel network adapter driver support mechanism, which allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information.

Vulnerability of the xenvifdisconnectqueue function in the drivers/net/xen-netback/interface.c module – The Linux kernel network adapter driver relies on the reutilization of previously freed memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrit...